Testing and monitoring Core Web Vitals (LCP, FID, CLS, INP, TTFB) to ensure web performance meets Google search ranking thresholds.

Comprehensive WebDriverIO (WDIO) test automation skill for generating reliable end-to-end browser tests in JavaScript and TypeScript with Page Object Model, custom commands, and advanced synchronization strategies.

Testing webhook implementations including delivery verification, retry logic, signature validation, idempotency, and failure handling patterns.

Test WebSocket connections for reliability including reconnection logic, message ordering, heartbeat mechanisms, and connection state management under adverse conditions

WebSocket testing including connection lifecycle, reconnection logic, message ordering, backpressure handling, and binary frame testing.

API simulation and service virtualization with WireMock for HTTP stubbing, request matching, stateful behavior, and fault injection testing.

iOS UI testing with XCUITest framework covering element queries, gesture simulation, accessibility testing, and Xcode test plan configuration.

Cross-site scripting vulnerability testing covering reflected, stored, and DOM-based XSS with sanitization validation and CSP bypass detection.

Comprehensive xUnit.net testing skill for writing reliable unit, integration, and acceptance tests in C# with [Fact], [Theory], fixtures, dependency injection, and parallel execution strategies.

Writing and testing YARA rules for malware detection, threat hunting, and file classification with rule validation and false-positive rate testing.

Automated web application security scanning using OWASP ZAP for finding XSS, SQL injection, CSRF, and other OWASP Top 10 vulnerabilities.

Comprehensive testing patterns for Zod schemas covering validation testing, transform testing, error message verification, and integration with API endpoints and forms

Use this to find code by **concept** or **behavior** (e.g., "where is auth validated", "how are plugins loaded").

Use when reviewing a bundle-plugin for structural issues, version drift, skill quality, workflow integration, or security risks — before releasing, after changes, or after adding skills. Auto-detects scope (full project vs skill vs workflow)

Use when planning new bundle-plugins, splitting complex skills, combining skills into bundles, or exploring a vague idea about packaging skills

Use when releasing a bundle-plugin, bumping versions, fixing version drift across manifests, setting up version sync infrastructure, updating CHANGELOG, publishing to marketplaces, or checking release readiness

Google C++ Style Guide rules for writing clean, maintainable C++ code. Use when writing C++, reviewing code, discussing naming conventions, formatting, class design, or any C++ best practices. Covers headers, scoping, classes, functions, naming, comments, and formatting.

Read a GitHub pull request, understand what it changes, and write a plain-English explanation. Post it as a PR comment so reviewers have instant context.

Elite Website Reviewer Agent for AEO, GEO, SEO, UI/UX Psychology, and Copywriting. Use this skill when asked to review or evaluate a website's positioning. It conducts an EXHAUSTIVE, multi-page, psychologically-driven, and ruthless analysis of the entire website. Produces a massive, comprehensive, scored report with charts and actionable fixes. NO EMOJIS allowed.

''

>

>

Search repositories, view issues, check PRs on GitHub. Use when: user asks about GitHub repos, issues, PRs, or wants to search GitHub. Don't use when: user wants general web search (use research skill) or asks about git concepts without GitHub context.

>

>

>

>

>

>

>

>

>

>

>

Plumb keeps the spec, tests, and code in sync. It intercepts every `git commit`

Guides iterative problem-solving by enforcing a search-read-verify-deliver workflow, structured 7-step debugging, evidence-based code review, and failure-escalation protocols across coding, product design, and team collaboration scenarios. Use when tackling complex development tasks, debugging persistent errors (2+ failures), performing thorough code reviews, or coordinating multi-step project delivery where verification at each stage is critical.

Keep dependencies up-to-date. Discovers outdated deps via dependabot alerts/PRs, creates one PR per ecosystem, iterates until CI is green, then assigns for review.

Use when executing ML experiment plans with subagents - adapts superpowers:subagent-driven-development with 2-level Validation Pyramid (L0 static → L1 runtime), experiment-aware reviews, and conclusion recording

Commits github changes to repository safely and professionally. use this before any commit made to github.

Wrap the current audit agent session inside the Anthropic Sandbox Runtime (srt) before starting any security audit. Use this before invoking smart-contract-audit, infrastructure-audit, or any other audit skill on an untrusted codebase. Triggers include: start a sandboxed audit, run audit in sandbox, sandbox before auditing, protect my session during audit.

Master authentic Reddit content generator using emotion-first, phased architecture. Creates posts that sound genuinely human through cognitive state simulation, not just rule-following. Use when the user asks to write a Reddit post, create Reddit content, or needs help with Reddit engagement. Includes adversarial committee review, Claude-ism detection, and interactive refinement workflow.

Deep architectural context building for security audits. Use when conducting security reviews, building codebase understanding, mapping trust boundaries, or preparing for vulnerability analysis. Inspired by Trail of Bits methodology.

Use this reference for agents that extract structure, rank candidates, classify actions, route work, moderate content, or gate automation.

Run all quality checks including linting, type checking, and tests. Use when the user wants to verify code quality, before committing, or when preparing a PR.

Next.js v16 best practices - proxy.ts, file conventions, RSC boundaries, Cache Components, async APIs, route handlers, image/font optimization

>

Commits, pushes, and opens pull requests for the RustFS Operator repo per CONTRIBUTING.md and AGENTS.md. Use when the user asks to commit, push to remote my, submit a PR upstream, or follow project contribution workflow.

Use when the user asks to invoke, delegate to, or collaborate with Codex on any task. Also use PROACTIVELY when an independent, non-Claude perspective from Codex would add value — second opinions on code, plans, architecture, or design decisions.

Run a structured 5-pass finishing audit on any website before launch — scoring visual polish, technical foundation, UX completeness, content quality, and cross-device readiness on 100 points. Use when: **Pre-launch** - Final validation before going live; **Post-redesign** - Verify nothing broke during the overhaul; **Client handoff** - Structured proof that the site is ready; **Quarterly review** - Catch accumulated debt; **Single-pass focus** - Run just Pass 2 after a perf sprint

Analyze sentiment in text using ML models. Use when: analyzing customer reviews; processing NPS feedback; monitoring brand mentions; evaluating campaign responses; categorizing support tickets